Active Directory Tools

These tools are available in "Administrative Tools" after Active Directory is installed.

Active Directory Users and Computers - Active Directory Users and Computers is a Microsoft Management Console snap-in. It is started by selecting "Start", "Programs", "Administrative Tools", and "Active Directory Users and Computers". Only members of the Domain Admins or Enterprise Admins group can use this tool. This tool is used to create, configure, locate, move, and delete objects including:

Connection agreements configure directory synchronization between Exchange and Active Directory and one or more are supported with ADC. Items used to configure a connection agreement:

Server name

Targer containers

Objects to be synchronized

Synchronization schedule

ADC Installation:

ADC requires a service user account and password.

Put the Windows 2000 Server installation CDROM in the computer.

Enter the directory \Valueadd\MSFT\Mgmt\ADC.

Double click on setup.exe.

Select the "Microsoft Active Directory Connector Service component" to install ADC and the"Microsoft Active Directory Connector Management component" to install the ability to manage the service. The Management component can be installed on Windows 2000 Professional computers to allow ADC management from them.

Right click the server to configure and select "properties" to see the properties dialog box. This is used to configure connection agreements between Active Directory and the Exchange 5.5 directory service. The following tabs exist in the box:

General - Select replication direction as "Two way", "From Exchange to Windows", or "From Windows to Exchange". Set the connection name, and the server to run the connection agreement. For slow network connections, the agreement can use Exchange Server's Site Replication Service (SRS).

Schedule - Set synchronization schedule. The registrey setting at "HKEY_LOCAL_MACHINES\System\CurrentControlSet\Services\MSADC\Parameters" can be used to reduce the default polling schedule. The parameters that are configurable are:

Name - The delay in seconds to wait between checking for updates. The default value is every 5 seconds.

Type - DWORD

Data - Seconds to wait between cycles.

From Exchange - Specify the objects to replicate and the Exchange receipient containers.

From Windows - Specify objects to be synchronized and the containers that will receive objects. The option "Replicate secured Active Directory objects to the Exchange Directory" can be checked and the objects can be filtered using Discretionary Access Control Lists (DACLs).

Deletion - Use this tab to configure object deletion behavior. When objects are deleted, the deletions are stored in SystemRoot\System32\MSADC\Connection_Agreement_Name\NT5.LDF for Active Directory and SystemRoot\System32\MSADC\Connection_Agreement_Name\Ex55.CSV for Exchange.

Advanced - Configure "Paged results" configures the quantity of entries to be synchronized for each request. The settings are "Windows Server entries per page" and "Exchange Server entries per page". Checkbox options include "This is a primary Connection Agreement for the connected Exchange organization", and "This is a primary Connection Agreement for the connected Windows Domain". Choices for "When replicating a Mailbox whose Primary Windows Account does not exist in the domain" are: